The Aurora Malware is a threat being offered for sale on specialized hacker forums. Its creators claim that it has an expansive feature list combining characteristics of RATs (Remote Access Trojans), botnets, stealers, clippers and, in the latest versions, even ransomware. If the description is correct, the Aurora Malware can be used in a wide range of attack campaigns with different nefarious goals, depending on the specific threat actors.
To be more precise, Aurora is supposed to provide remote access to the infected systems. RATs are also commonly equipped with the functionality to execute arbitrary commands, collect data, exfiltrate chosen files and more. Botnets, on the other hand, create networks of infected devices and use them to launch DDoS (Distributed Denial-of-Service) attacks, send countless spam messages and more.
Stealers and clippers are designed to obtain sensitive and confidential information from the victims. Stealers typically harvest account credentials, data from installed applications, cryptocurrency wallets, FTPs, VPNs, popular gaming and messaging platforms, etc. Clippers, in turn, are specifically created to scan the content saved to the system's clipboard and, without the victims' knowledge, substitute it with different content.
Finally, according to the Aurora Malware's creators, the threat has been equipped with encryption capabilities. As a result, ransomware operators can supposedly use it in their campaigns to encrypt the data of their victims.